Results 1 to 6 of 6
  1. #1
    Join Date
    Aug 2008
    Posts
    48
    Plugin Contributions
    0

    Default htaccess File Necessary?

    I found an htaccess file in my Zen Cart installation and I'm wondering if it's even necessary. I don't have a clue what any of this means. Here are the contents:

    #turn off session.use_trans_sid
    php_flag session.use_trans_sid off

    #turn off Register Globals
    php_value register_globals off

    <Files ".ht*">
    deny from all
    </Files>


    #prevent directory browsing -- this is temporary until cURL is compiled and ZC installation can resume
    #IndexIgnore */*

    #<Limit GET POST PUT>
    #Order Allow,Deny
    #Deny from All
    #</Limit>

  2. #2
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: htaccess File Necessary?

    "Where" did you find that?
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  3. #3
    Join Date
    Aug 2008
    Posts
    48
    Plugin Contributions
    0

    Default Re: htaccess File Necessary?

    In the Zen Cart directory. A sub-contractor (supposedly a ZC specialist) put it there, but I'm not so sure it's necessary...

  4. #4
    Join Date
    Aug 2008
    Posts
    48
    Plugin Contributions
    0

    Default Re: htaccess File Necessary?

    Here is the exact path:

    the_domain_name/zencart-1.3.x/.htaccess
    Last edited by DrByte; 10 Aug 2008 at 05:30 AM. Reason: obfuscate the url

  5. #5
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: htaccess File Necessary?

    Quote Originally Posted by dkjwebs View Post
    #turn off session.use_trans_sid
    php_flag session.use_trans_sid off
    This is because use_trans_sid needs to be off, but your hosting company has it on by default.

    Quote Originally Posted by dkjwebs View Post
    #turn off Register Globals
    php_value register_globals off
    Register Globals should be off, so this turns it off even though the server has it on by default.

    Quote Originally Posted by dkjwebs View Post
    <Files ".ht*">
    deny from all
    </Files>
    This prevents all *.ht* files from being run by anybody's browser. This is likely there so that if a hacker gets into the server and uploads some .html files they still won't be able to use them to do any damage.

    Quote Originally Posted by dkjwebs View Post
    #prevent directory browsing -- this is temporary until cURL is compiled and ZC installation can resume
    #IndexIgnore */*

    #<Limit GET POST PUT>
    #Order Allow,Deny
    #Deny from All
    #</Limit>
    Those are all disabled (the # at the beginning of the line treats them as a comment).



    My suggestion: Leave it alone.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  6. #6
    Join Date
    Aug 2008
    Posts
    48
    Plugin Contributions
    0

    Default Re: htaccess File Necessary?

    Thank you - that was VERY helpful!

 

 

Similar Threads

  1. .htaccess file 1.3.9h ?
    By Muzz in forum General Questions
    Replies: 4
    Last Post: 18 Dec 2010, 03:40 AM
  2. Necessary to Duplicate File Structure in http *and* https?
    By dsdavis in forum Installing on a Linux/Unix Server
    Replies: 5
    Last Post: 29 Feb 2008, 11:22 PM
  3. .htaccess file
    By mrbert in forum General Questions
    Replies: 0
    Last Post: 22 Apr 2007, 10:06 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR